I guess what I meant was that we'd want to authenticate the user in one of two ways:
(1) as a System User. So the clients credentials would be compared against the system users, OR, if no such user exists (2) verify the client against credentials stored in LDAP. Both of these scenarios work individually. Meaning I can configure FR to authenticate System users. I can also configure FR to authenticate against LDAP. But we cannot seem to combine them and offer both options. Matt [EMAIL PROTECTED] -----Original Message----- From: Alan DeKok [mailto:[EMAIL PROTECTED] Sent: March 9, 2007 11:21 AM To: [EMAIL PROTECTED]; FreeRadius users mailing list Subject: Re: EAP and System users? Matt Ashfield wrote: > > We've been working on having a setup that can authenticate users against > LDAP via EAP (Chap) as well as System users. http://deployingradius.com/documents/protocols/compatibility.html LDAP doesn't do CHAP, so I'm not sure what you mean. The only EAP methods that are compatible with /etc/password is EAP-GTC, or TTLS with tunneled PAP. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html